package org.example.controller;

import org.example.apiclientsdk.model.User;
import org.example.apiclientsdk.utils.SignUtils;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;

/**
 * 名称API
 * @date: 2021/3/22
 * @description: 根据名称查接口
 */
@RestController
@RequestMapping("/name")
public class NameController {
    @GetMapping("/get")
    public String getNameByGet(String name, HttpServletRequest request){
        System.out.println(request.getHeader("yupi"));
        return "GET 你的名字是"+name;
    }
    @PostMapping("/post")
    public String getNameByPost(@RequestParam String name){
        return "POST 你的名字是"+name;
    }
    @PostMapping("/user")
    public String getUserNameByPost(@RequestBody User user, HttpServletRequest request){
//        String accessKey = request.getHeader("accessKey");
//        String nonce = request.getHeader("nonce");
//        String timestamp = request.getHeader("timestamp");
//        String sign = request.getHeader("sign");
//        String body = request.getHeader("body");
//        // todo 实际情况需要去数据库校验,是否分配给用户
//        if (!accessKey.equals("yupi")){
//            throw new RuntimeException("无权限");
//        }
//        if (Long.parseLong(nonce)>10000){
//            throw new RuntimeException("无权限");
//        }
//        //时间和当前时间不能超过五分钟
//        if (Math.abs(Long.parseLong(timestamp)-System.currentTimeMillis()/1000)>60*5){
//            throw new RuntimeException("无权限");
//        }
        //一般是从数据库查到的secretKey
//        String serverSign = SignUtils.getSign(body, "abcdef");
//        if (!sign.equals(serverSign)){
//            throw new RuntimeException("无权限");
//        }
       String result="POST 用户名"+user.getUsername();

        return result;
    }
}
